Auto Assembler:LUACODE

From Cheat Engine
Revision as of 11:23, 16 September 2023 by CassiOwOpeia (talk | contribs) (Add an example in a complete Auto Assemble (taken from the example provided by Dark Bytes in topic))

CE 7.2 added {$LUACODE} / {$ASM} blocks

Within these blocks you can write Lua code that CE executes when the target process reaches the code at the block. Only one Lua block can be running at the same time, so do not stay too long in this block.


You can give the {$LUACODE} block parameters so you have access to certain registers in a format you can work with. When execution reaches the end of the block (so no 'return'), the changed variables are applied back to the related registers.

The parameters are formatted as variablename=registername, separated by spaces.

The following register notations are allowed:

 RAX/EAX, RBX/EBX, ...: Interpret as an 8/4 byte value
 RAXF, RBXF, RCXF, ...: Interpret the value as a float
 XMM0.0 or XMM0.0F (float)
 XMM0.1 or XMM0.1F (float)
 ...
 XMM1.0
 ...
 XMM0.0D (double)
 ...

If you just use XMM0 to XMM15 (no lane suffix), you receive a Lua byte table containing all 16 bytes of the XMM register.


Example: RCX contains the class instance of the player, RBX the new health after being hit, and you know that the 4-byte value at offset b8 is 1 when it's the player:

{$LUACODE playerbase=RCX newhealth=RBX}
if readInteger(playerbase+0xb8)==1 then
  newhealth=100000
else
  newhealth=0
end
{$ASM}

This will change the RBX register to 100000 when it's the player, and to 0 when it's not.
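As an added example (not Cheat Engine's own code), here is a Python model of what a {$LUACODE} block does with its parameters: it parses the variablename=registername list, decodes each register notation listed above into the value the Lua body sees, runs the body, and writes every variable back to its register. The register snapshot layout, the write-back rule for 4-byte names such as EAX (low 4 bytes replaced, upper bytes kept) and the memory contents are assumptions of this model; CE's readInteger is replaced by a stand-in over a constructed dictionary, and the body reproduces the player-health block above.

```python
import re
import struct

# Register notations from the page, modelled in Python (assumed model, not CE code).
GPR64 = ["RAX", "RBX", "RCX", "RDX", "RSI", "RDI", "RBP", "RSP"] + [f"R{i}" for i in range(8, 16)]
GPR32 = {"E" + r[1:]: r for r in GPR64[:8]}              # EAX -> RAX, ... (4-byte view)
XMM_RE = re.compile(r"^XMM(\d{1,2})(?:\.(\d)(F|D)?)?$")  # XMM0, XMM0.1, XMM0.1F, XMM0.0D
MASK32, MASK64 = 0xFFFFFFFF, 0xFFFFFFFFFFFFFFFF


def parse_params(spec):
    """Parse 'var=REG var2=REG2' (space separated) into (var, REG) pairs."""
    pairs = []
    for tok in spec.split():
        if "=" not in tok:
            raise ValueError(f"bad parameter {tok!r}: expected variablename=registername")
        var, reg = tok.split("=", 1)
        pairs.append((var, reg.upper()))
    return pairs


def _lane(m):
    """Lane index, element size and struct format for an XMMn.lane[F|D] notation."""
    lane, kind = int(m.group(2)), (m.group(3) or "F")
    size, fmt = (8, "<d") if kind == "D" else (4, "<f")
    if lane * size + size > 16:
        raise ValueError(f"lane {lane} out of range for {m.group(0)}")
    return lane, size, fmt


def decode(reg, regs):
    """Value the Lua side sees for one register notation."""
    if reg in GPR32:                                   # EAX etc.: low 4 bytes as an integer
        return regs[GPR32[reg]] & MASK32
    if reg in GPR64:                                   # RAX etc.: 8-byte integer
        return regs[reg]
    if reg.endswith("F") and reg[:-1] in GPR64:        # RAXF: low 4 bytes reinterpreted as float
        return struct.unpack("<f", struct.pack("<I", regs[reg[:-1]] & MASK32))[0]
    m = XMM_RE.match(reg)
    if m is None:
        raise ValueError(f"unknown register notation {reg!r}")
    raw = regs[f"XMM{int(m.group(1))}"]                # 16 raw bytes
    if m.group(2) is None:
        return list(raw)                               # plain XMMn: byte table of all 16 bytes
    lane, size, fmt = _lane(m)
    return struct.unpack_from(fmt, raw, lane * size)[0]


def encode(reg, value, regs):
    """Write a (possibly changed) Lua value back into the register snapshot."""
    if reg in GPR32:                                   # model assumption: replace low 4 bytes only
        full = GPR32[reg]
        regs[full] = (regs[full] & ~MASK32 & MASK64) | (int(value) & MASK32)
    elif reg in GPR64:
        regs[reg] = int(value) & MASK64                # two's complement wrap: -2 -> 0xFFFF...FFFE
    elif reg.endswith("F") and reg[:-1] in GPR64:
        bits = struct.unpack("<I", struct.pack("<f", float(value)))[0]
        regs[reg[:-1]] = (regs[reg[:-1]] & ~MASK32 & MASK64) | bits
    else:
        m = XMM_RE.match(reg)
        if m is None:
            raise ValueError(f"unknown register notation {reg!r}")
        key = f"XMM{int(m.group(1))}"
        raw = bytearray(regs[key])
        if m.group(2) is None:
            if len(value) != 16:
                raise ValueError("XMM byte table must have exactly 16 entries")
            raw[:] = bytes(value)
        else:
            lane, size, fmt = _lane(m)
            struct.pack_into(fmt, raw, lane * size, float(value))
        regs[key] = bytes(raw)


def run_block(spec, body, regs):
    """Model of a {$LUACODE ...} block: decode parameters, run the body, write all variables back."""
    pairs = parse_params(spec)
    env = {var: decode(reg, regs) for var, reg in pairs}
    body(env)                                          # the Lua body, here a Python callable
    for var, reg in pairs:
        encode(reg, env[var], regs)
    return regs


# Constructed memory standing in for the target process: the "is player" flag at offset b8 is 1.
MEMORY = {0x140000 + 0xB8: 1}


def read_integer(addr):                                # stand-in for CE's readInteger()
    return MEMORY.get(addr, 0)


def health_block(env):                                 # same logic as the page's Lua example
    env["newhealth"] = 100000 if read_integer(env["playerbase"] + 0xB8) == 1 else 0


def demo():
    """Constructed snapshot: RCX = player object address, RBX = new health after the hit."""
    regs = {r: 0 for r in GPR64}
    regs.update({f"XMM{i}": bytes(16) for i in range(16)})
    regs["RCX"], regs["RBX"] = 0x140000, 37
    regs["XMM0"] = struct.pack("<4f", 1.5, 2.5, 3.5, 4.5)
    return run_block("playerbase=RCX newhealth=RBX", health_block, regs)


if __name__ == "__main__":
    r = demo()
    print(hex(r["RBX"]), decode("XMM0.1F", r), decode("XMM0", r))
```

The model writes back every parameter, changed or not, which is harmless for unchanged values; the lane bounds check in _lane is the kind of error the notation table leaves implicit (four float lanes or two double lanes per XMM register).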

E.g. in a full AA script:

alloc(newmem,2048,"Tutorial-x86_64.exe")
label(returnhere)
label(originalcode)
label(exit)

newmem: //this is allocated memory, you have read,write,execute access
//place your code here

{$luacode testparam=eax}
printf("Tutorial hit me called.  testparam=%d",testparam)
testparam=-2
{$asm}

originalcode:
sub [rbx+000007F8],eax

exit:
jmp returnhere

"Tutorial-x86_64.exe"+2B42C:
jmp newmem
nop
returnhere: